Creating backup LDAP server.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



John Oliver wrote:
> On Thu, Jul 10, 2008 at 01:40:25PM -0600, Rich Megginson wrote:
>   
>> John Oliver wrote:
>>     
>>> One of the projects on my plate is to have a working backup of an
>>> existing fedora-ds server.  I installed fedora-ds under CentOS 5.2 and
>>> copied over the files that result from ns-slapd db2archive from the
>>> existing server to the new machine.
>>>
>>> First off, I know nothing about LDAP or fedora-ds in particular :-)
>>>
>>> After looking at the existing server and what I had after installing on
>>> the new server, I decided that running /usr/sbin/setup-ds-admin.pl was
>>> probably necessary.  I went through, answering the questions as best I
>>> could (and figuring that the answers would be overwritten when I
>>> restored the backup).  I got this:
>>>
>>> [08/07/10:10:18:52] - [Setup] Info Are you ready to set up your servers?
>>> [08/07/10:10:18:56] - [Setup] Info yes
>>> [08/07/10:10:18:56] - [Setup] Info Creating directory server . . .
>>> [08/07/10:10:18:59] - [Setup] Info Your new DS instance 'unix-services2'
>>> was suc
>>> cessfully created.
>>> [08/07/10:10:18:59] - [Setup] Info Creating the configuration directory
>>> server .
>>> . .
>>> [08/07/10:10:22:08] - [Setup] Fatal Error: failed to open an LDAP
>>> connection to
>>> host 'unix-services2.my.domain.com.com' port '389' as user
>>> 'cn=Directory Ma
>>> nager'.  Error: unknown.
>>> [08/07/10:10:22:08] - [Setup] Fatal Failed to create the configuration
>>> directory
>>> server
>>> [08/07/10:10:22:08] - [Setup] Fatal Exiting . . .
>>> Log file is '/tmp/setupVSpvCl.log
>>>
>>>
>>> Yes, that's two ".com"s  No idea why.
>>>  
>>>       
>> Check /etc/hosts, /etc/nsswitch.conf, and /etc/resolv.conf, and check 
>> that against what you typed in as your hostname and what DNS resolves it to.
>>     
>
> All are correct.  /etc/hosts has the correct FQDN as well as hostname.
> /etc/resolv.conf is pointed to two working DNS servers.  And
> /etc/nsswitch.conf has "hosts:      files dns"
>
> Is there a way to tell it to remove the problematic stuff and try to set
> up again?
>   
When you run setup-ds-admin.pl, and it asks you for the hostname, does 
it have the correct hostname or the bogus one?  If you specify the 
correct hostname at the dialog prompt, it will use the correct one 
throughout.
>   
>>> So, I stop the dirsrv process and try:
>>>
>>> [root at localhost ~]# ns-slapd archive2db -D
>>> /etc/dirsrv/slapd-unix-services2 -a
>>> /var/lib/dirsrv/slapd-unix-services2/in
>>> [10/Jul/2008:11:05:39 -0700] - ERROR: target server has no NetscapeRoot
>>> configured
>>> [10/Jul/2008:11:05:39 -0700] - archive2db: Failed to read backup file
>>> set. Either the directory specified doesn't exist, or it exists but
>>> doesn't contain a valid backup set, or file permissions prevent the
>>> server reading the backup set.  error=53 (Invalid request descriptor)
>>>  
>>>       
>> Don't use ns-slapd archive2db directly - use the scripts in 
>> /usr/lib/dirsrv/slapd-instance (db2bak, bak2db, etc.) instead.
>>     
>
> [root at unix-services2 ~]# /usr/lib/dirsrv/slapd-unix-services2/bak2db
> /var/lib/dirsrv/slapd-unix-services2/in/
> [10/Jul/2008:14:56:40 -0700] - ERROR: target server has no NetscapeRoot
> configured
> [10/Jul/2008:14:56:40 -0700] - archive2db: Failed to read backup file
> set. Either the directory specified doesn't exist, or it exists but
> doesn't contain a valid backup set, or file permissions prevent the
> server reading the backup set.  error=53 (Invalid request descriptor)
> [root at unix-services2 ~]# ls /var/lib/dirsrv/slapd-unix-services2/in/
> DBVERSION       dse_instance.ldif  NetscapeRoot
> dse_index.ldif  log.0000000076     userRoot
The backup was created in a server with both userRoot and NetscapeRoot, 
but you are attempting to restore it in a server that does not have 
NetscapeRoot.  You need to create a root suffix called o=NetscapeRoot 
with an associated database called NetscapeRoot.  You can do this in the 
console.  *http://tinyurl.com/595tyy*

If you don't want NetscapeRoot at all, you could try exporting your old 
database to LDIF using db2ldif or db2ldif.pl, to get just the userRoot 
part (i.e. the suffix that you keep your real user&group data in).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20080710/1c4c47da/attachment.bin 


[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux